Last Updated: January 13, 2021
The Services enable those seeking to store data (“Customers”) with those providing space for decentralized cloud storage (“Node Operators”) (the “Storage Services”). Customers’ data is stored on third-party devices that have installed decentralized storage software (“Software”). Data submitted by Customers to the Services for storage with Node Operators (“Storage Materials”) is encrypted, which prevents JS Security and Node Operators from accessing the content of the Storage Materials.
JS Security acts as a service provider/processor of Storage Materials on behalf of its Customers. Individuals whose data may be included in Storage Materials ultimately are subject to the privacy policies and practices of the Customer utilizing JS Security for Storage Services. Accordingly, for the purposes of the European Union (“EU”) General Data Protection Regulation (“GDPR”), Customers act as the data controller with respect to the processing of the Storage Materials. JS Security is not responsible for the privacy practices of Customers. JS Security acts as the data controller and not a processor/service provider when, for example, Customers, Node Operators, and other Site visitors provide JS Security with information, such as contact, account, and registration information.
Collection of Information
Information you provide to us
We collect information you provide directly to us. For example, we collect information you provide when you create an account, subscribe to our updates, respond to a survey, fill out a form, post on a forum, request customer support, or communicate with us. Types of information we may collect include, but are not limited to, telemetry data, your digital wallet address, email address, username and password, survey responses, and any other information you choose to provide.
If you are a Customer or otherwise use our Storage Services, a third-party service provider may collect your payment method information for use in connection with your payments for storage.
Information we may collect automatically
When you use our Services, we may automatically collect information from your devices. For example, we may collect:
- Log information: We collect log information when you use our Services, including access times, pages viewed, IP address, and the web page that referred you to our website.
- Device information: We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, your web browser, and device identifiers.
- Location information: We collect and process general information about the location of the device from which you are accessing the Service (e.g., approximate geographic location inferred from an IP address).
- Telemetry information: If you use the Software, we may collect the amount of free and used storage space on your device, bandwidth upload and download speeds, and other statistics about your device and network connection.
- Performance information: If you are a Customer, we may collect the amount of data transferred via our Services, the contract associated with the transferred data, and a log of the outcome (success or failure) of audits performed on your node.
- Usage information: If you use our Storage Services, we may collect metadata about your usage and the file shards that are distributed via the Storage Services (including shard size, number of shards, and frequency of access).
Use of Information
We may use information about you for various purposes, including to:
- Provide, maintain, deliver, and improve our Services;
- Develop new products and services;
- Personalize your experience;
- Respond to your requests for information;
- Send you technical notices as well as support and administrative messages;
- Subject to applicable legal obligations, communicate with you about products, services, promotions, events, and other news and information we think will be of interest to you;
- Monitor and analyze trends, usage, and activities in connection with our Services;
- Detect, investigate, and prevent suspected fraudulent transactions and other illegal activities, and protect the rights and property of JS Security and others;
- Investigate good-faith, alleged violations of our Agreements;
- Secure our Services and Customers;
- Carry out any other purpose for which the information was collected; and,
- Fulfill other purposes with your consent or at your direction.
Legal bases for use of Information
If you are located in the European Economic Area (“EEA”), please note that the legal bases under the GDPR for using the information we collect through your use of the Services are as follows:
Where use of your information is necessary to perform our obligations under a contract with you (for example, to comply with the Agreements which you accept by using the Services);
Where use of your information is necessary for our legitimate interests or the legitimate interests of others (for example, to provide security for our Services; operate our Services; prevent fraud; analyze use of and improve our Services; and for similar purposes);
Where use of your information is necessary to comply with a legal obligation; and,
Where we have your consent to process data in a certain way.
Sharing of Information
- With service providers that perform work for us so that they can perform such work;
- When you use interactive areas of our Services, like our blog or other online forums, certain information you choose to share may be displayed publicly, such as your username, actions you take, and any content you post;
- In response to a request for information if we believe disclosure is in accordance with, or required by, an applicable law, regulation, or legal process;
- In connection with, or during negotiations of, any merger, sale of Company assets, financing or acquisition of all or a portion of our business by another company;
- Between and among JS Security and any current and future parents, affiliates, subsidiaries and other companies under common control and ownership; or,
- With your consent or at your direction.
Where do we treat your Personal Information?
We always strive to treat your data within the EU/EEA. The data may, however, in some situations, be transferred to and processed in countries outside the EU/EEA of other suppliers or subcontractors (such as Facebook, Google, and other marketing channels ).
JS Security is determined to always protect your data and will take all reasonable legal, technical and organizational measures to ensure that your data is managed securely and with an adequate level of protection comparable with and at the same level as the protection offered within the EU/EEA.
How we protect your Data and Our Services
We take measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure, and access. However, no method of transmission over the internet, and no means of electronic or physical storage, is absolutely secure. By using our Services, you acknowledge and accept that we cannot guarantee the security of your information and that use of our Services is at your own risk.
How long do we keep your Personal Information?
JS Security keeps personal data as long as required to provide the Services you requested and as needed to comply with applicable laws and compliance practices.
Your Rights and Data Safety
You can request a copy of the information you would like to know and verify the information we have about you. The copy is free to request and you can contact us most easily at firstname.lastname@example.org – The right to rectification. You have the right to correct improper or non-complete information about yourself.
The right to be deleted (“right to be forgotten”). You have the right to request deletion of your data for the case that the data is no longer needed for the purpose it was collected for. However, there may be obligations, which prevent us from immediately erasing parts of your data. These obligations come from accounting and tax laws, but also the consumer rights legislation. What we do is to block the data that we are required to save from being able to be used for purposes other than to comply with those legal obligations.